Appln. Serial No. 09/714,082 

Amendment Dated March 14, 2005 

Reply to Office Action Mailed December 14, 2004 

AMENDMENTS TO THE CLAIMS 
This listing of claims replaces all prior versions, and listings, of claims in the appUcation: 
1 L (Cancelled) 

1 2. (Previously Presented) The method of claim 32, wherein establishing the secure 

2 link comprises estabhshing a virtual private network session. 

1 3. (Cancelled) 

1 4. (Currently Amended) The method of claim [[3]] 32, wherein sending the at least 

2 one ping message comprises sending at least one Intemet Control Message Protocol message. 

1 5. (Previously Presented) A method of determining if a link is alive, comprising: 

2 establishing a secure link between a first node and a second node according to a 

3 security protocol; 

4 sending at least one ping message targeting the second node over the secure hnk, 

5 the at least one ping message defined outside the security protocol; and 

6 monitoring for at least one ping reply to determine if the secure link is alive, 

7 wherein sending the at least one ping message comprises sending at least one 

8 Intemet Control Message Protocol message. 

1 6. (Previously Presented) The method of claim 32, wherein establishing the secure 

2 link comprises establishing the secure link between first and second nodes each comprising a 

3 security gateway. 

1 7. (Currently Amended) The method of claim 6, further comprising sending at least 

2 one ping message targeting another node connected to a network behind the second node. 
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1 8. (Currently Amended) The method of claim 7, further comprising monitoring for 

2 at least one ping reply from the other node. 

1 9. (Previously Presented) The method of claim 32, further comprising tearing down 

2 the secure link if the IPsec security association s e cur e linlc is determined not to be alive valid . 

1 10. (Currently Amended) The method of claim 9, wherein tearing down the secure 

2 link comprises tearing down [[a]] the IPsec security association according to an Lit e m e t Protocol 

3 Security protocol . 

1 11. (Cancelled) 

1 12. (Previously Presented) The method of claim 34, wherein establishing the secure 

2 link comprises establishing a secure link protected according to an hitemet Protocol Security 

3 protocol. 

1 13. (Previously Presented) The method of claim 34, wherein establishing the secure 

2 link comprises establishing a virtual private network session. 

1 14,-15. (Cancelled) 

1 16. (Previously Presented) The method of claim 34, wherein sending the at least one 

2 ping message comprises sending an Intemet Control Message Protocol message. 

1 17. (Original) The method of claim 16, wherein establishing the secure link 

2 comprises establishing a secure link protected according to an Intemet Protocol Security 

3 protocol. 

1 18.-19. (Cancelled) 
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1 20. (Previously Presented) A system for communicating between a network element 

2 and a remote node, comprising: 

3 a security module adapted to establish a secu!re link with the remote node, the 

4 secure link having a security mechanism according to a security protocol; and 

5 a keep-ahve module adapted to send at least one ping message over the secure 

6 link to the remote node, the at least one ping message defined outside the security protocol, 

7 wherein the at least one ping message comprises an Litemet Control Message 

8 Protocol message. 

1 21. (Currently Amended) The system of claim [[36]] 26, further comprising: 

2 an interface to a packet-based network, the secure link established over the 

3 packet-based network; and 

4 a layer to control communications over the packet-based network. 

1 22. (Original) The system of claim 21, wherein the layer comprises an Internet 

2 Protocol layer. 

1 23. (Cancelled) 

1 24. (Currently Amended) The system of claim [[23]] 26, wherein the security module 

2 is adapted to tear down a security association of the secure link if the secure link is not alive. 

1 25. (Original) The system of claim 24, wherein the security association comprises an 

2 Litemet Protocol Security protocol security association. 
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1 26. (Currently Amended) The system of claim 36, A system for communicating 

2 between a network element and a remote node, comprising: 

3 a security module adapted to establish a secure link with the remote node, the 

4 secure link having a security mechanism according to a security protocol; and 

5 a keep-alive module adapted to send at least one ping message over the secure 

6 link to the remote node, the at least one ping message defined outside the security protocol 

7 wherein the at least one ping message is protected according to the security 

8 protocol 

9 wherein the keep-alive module is adapted to further monitor for at least one ping 

10 reply responsive to the at least one ping message to determine if the secure link is alive, the 

1 1 system further comprising a module adapted to establish a link over a secondary communication 

12 network if the secure link is not alive. 

1 27. (Cancelled) 

1 28. (Previously Presented) The article of claim 38, wherein the instructions when 

2 executed cause the controller to further establish an hitemet Protocol security association for the 

3 secure link. 

1 29. (Original) The article of claim 28, wherein the instructions when executed cause 

2 the controller to tear down the security association if the controller does not receive the at least 

3 one ping reply. 

1 30. (Previously Presented) The article of claim 38, wherein the controller is part of 

2 the first node. 

1 31. (Cancelled) 
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1 32. (Currently Amended) A method of d e termining if a linlc is aliv e , comprising: 

2 establishing a secure link between a first node and a second node according to a 

3 s e curity an Internet Protocol Security (EPsec) protocol; 

4 sending at least one ping message targeting the second node over the secure link, 

5 the at least one ping message defined outside the s e curity IPsec protocol; and 

6 monitoring for at least one ping reply to determine if th e s e cure linlc is aliv e m 

7 IPsec security association of the secure link is valid , 

8 wherein sending the at least one ping message comprises sending the at least one 

9 ping message protected according to the s e curity IPsec protocol. 

1 33. (Cancelled) 

1 34. (Currently Amended) A method ofcommunicating with a remote node, 

2 comprising: 

3 establishing a secure link between a first security gateway and a second security 

4 gateway, the remote node in communication with the second security gateway over a network 

5 separate from the secure link : 

6 sending at least one ping message to the remote node over the secure link^ and 

7 through the second security gatewa y, and over the network ; and 

8 monitoring for at least one ping reply from the remote node to determine if the 

9 secure Unk is alive, 

10 wherein establishing the secure link comprises establishing a secure link protected 

1 1 according to a security protocol, 

12 wherein sending the at least one ping message comprises sending at least one ping 

13 message defined outside the security protocol, 

14 wherein sending the at least one ping message comprises sending the at least one 

1 5 ping message protected according to the security protocol. 
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1 35. (Previously Presented) The method of claim 34, wherein the security protocol 

2 comprises an Internet Protocol Security protocol (IPsec), and wherein sending the at least one 

3 ping message comprises sending the at least one ping message encrypted according to an IPsec 

4 security association. 

1 36. (Cancelled) 

1 37. (Currently Amended) The system of claim [[36]] 26, wherein the security 

2 protocol comprises an Internet Protocol Security protocol (EPsec), and wherein the at least one 

3 ping message is encrypted according to an IPsec security association. 

1 38. (Currently Amended) An article comprising at least one storage medium 

2 containing instructions for controlling communications, the instructions when executed causing a 

3 controller to: 

4 establish a secure link between a first node and a second node according to a 

5 security protocol; 

6 send at least one ping message targeting the second node over the secure link, the 

7 at least one ping message defined outside the security protocol; and 

8 monitor for at least one ping reply to determine if th e s e cur e linlc is aUv e a 

9 security association of the secure link is valid , 

10 wherein sending the at least one ping message comprises sending the at least one 

1 1 ping message protected according to the security protocol. 

1 39. (Currently Amended) The article of claim 38, wherein the security protocol 

2 comprises an Internet Protocol Security protocol (IPsec), wherein the security association of the 

3 secure link comprises an IPsec security association, and wherein sending the at least one ping 

4 message comprises sending the at least one ping message encrypted according to [[an]] the IPsec 

5 security association. 

1 40.-43. (Cancelled) 
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